Essential Security Risk Assessment will identify and document areas of security risk in the following domains:
Physical – assessment of environment and Physical data protections
Technical – system scan of network identifying risk associated with creation, storage and destruction of ePHI
ePHI - storage, access, and management
A list of deliverables associated with the Essential SRA:
1. Complete HIPAA Risk Analysis
HIPAA is a risk-based security framework and the production of a Risk Analysis is one of primary requirements of the HIPAA Security Rule's Administrative Safeguards. In fact, a Risk Analysis is the foundation for the entire security program. The Risk Analysis helps HIPAA Covered Entities and Business Associates identify the locations of their protected data, how the data moves within, and in and out of, the organization.
2. Evidence of Compliance Report
Regulation (and auditors) require evidence that compliant tasks have been completed. Documentation must be kept for six years. The Evidence of Compliance report includes user & computer information, and other source material to support your compliance activities.
To learn more about how we can help click HERE or call 586.201.4882